Ivan Ristic has been quietly weeding through millions of registered domain names to find and test SSL protocol implementations. Ristic, director of engineering at Redwood Shores, Calif.-based Qualys Inc., runs SSL Labs, a non-commercial research effort that was acquired by Qualys last year.
The site uses an SSL testing tool to check for configuration issues and protocol errors that can be used by cybercriminals in man-in-the-middle attacks to trick people into giving up sensitive data.

"We're trying to find as many SSL servers on the Internet and assess every single one of them," Ristic said. "The goal is to really understand how SSL is used. We need to know if we're secure and if there are insecure aspects, we need to know what they are and what we can do to fix them."

The link for this article located at Search Security is no longer available.